
IASME Cyber Assurance is a risk-based certification that includes key aspects of security (including incident response, asset management, people management, physical controls, and GDPR compliance).
It was developed to create a cyber security standard that would be an affordable and achievable alternative to other international standards, allowing small and medium enterprises in a supply chain to demonstrate their level of cyber security for a realistic cost and indicates that they are taking good steps to properly protect their customers’ information.
A wide range of UK and International industry sectors now accept the Level 2 audited IASME Cyber Assurance certification as an alternative to other international standards.
The IASME Cyber Assurance certification includes GDPR requirements and is available in two levels:
Level 1: Verified assessment
Level 2: Audited
NOTE: you must hold a valid Cyber Essentials certificate throughout your IASME Cyber Assurance Certification.
IASME Cyber Assurance
Level One - Self Assessment
Level Two - Audited
IASME Cyber Assurance is risk-based and includes key aspects of security such as incident response, asset management, people management, physical controls and GDPR compliance.
Level 1 Certification is the first step along the certification pathway for IASME Cyber Assurance.
For the Level 1 certification, organisations are given access to a secure portal to complete their application and provide details against the Question Set.
The pricing for Level 1 certification is based on the size of the organisation applying for the certification.
Involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by us (an IASME Certification Body and Assessor).
You will need to have completed the IASME Cyber Assurance Level 1 certification before you can progress to the Level 2 audit.
The standard covers 13 themes across 5 areas of control:
Organisation Size | No. of Employees | Cost |
---|---|---|
Micro Organisations | 0-9 Employees | £300 + VAT |
Small Organisations | 10-49 Employees | £400 + VAT |
Medium Organisations | 50-249 Employees | £450 + VAT |
Large Organisations | 250+ Employees | £500 + VAT |

1 Can I apply to do Cyber Essentials and IASME Cyber Assurance together?
Yes, you can apply for both Cyber Essentials and IASME Cyber Assurance at the same time. However, you cannot start your IASME Cyber Assurance application until you've successfully achieved Cyber Essentials.
2 Does the fees include both Cyber Essentials and IASME Cyber Assurance?
No, both Cyber Essentials and IASME Cyber Assurance have a separate tiered pricing structure which are based on the size of your company.
3 Is IASME Cyber Assurance mapped against other standards?
Yes, the IASME Consortium Ltd have mapped IASME Cyber Assurance against several other standards here: https://iasme.co.uk/iasme-governance/mapping-to-other-standards/